package controller;

import helper.Postman;
import helper.Randomness;
import helper.UserSession;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import model.CustomerDAO;
import model.Model;
import databeans.Customer;
import databeans.Employee;


public class EmployeeResetCustomerPasswordAction extends Action {

    private CustomerDAO customerDAO;

    public EmployeeResetCustomerPasswordAction(Model model) {
     
        customerDAO = model.getCustomerDAO();
    }

    public String getName() {
        return "employeeResetCustomerPassword.do";
    }

    public String perform(HttpServletRequest request) {
        //ATTENTION
        // define target page
    	String loginPageAjax   = "common/messages.jsp";
    	String loginPage = "employee/employee-login.jsp";
        String originPage = "employee/reset-customer-password.jsp";
        
        //set the employee
        Employee employee = null;
        Customer customer = null;

        
        //errors and messages will be stored here
        //resetting those containers
        List<String> errors = new ArrayList<String>();
        List<String> messages = new ArrayList<String>();
   
        //define the error and message
        request.setAttribute("errors", errors);
        request.setAttribute("messages", messages);
        request.setAttribute("user-type", "employee");
        request.setAttribute("page", "reset-cust-pass");

        
        String customerID = request.getParameter("customerID");
        
        System.out.println("customer ID from AJAX call == " + customerID);

        String type = (String)request.getParameter("type");
        System.out.println("================= >>> type = " + type);
        
        //check if employee has been logged in
        //request.getSession() will return the current session and if one does not exist, a new session will be cretaed.
        //request.getSession(true) will return the current session if one exists, if one doesn't exits a new one will be created.
        //So there is actually no difference between the two methods HOWEVER, if you use request.getSession(false), it will return the current session if one exists and if one DOES NOT exist a new one will NOT be cretaed.
        employee = (Employee) request.getSession(true).getAttribute("employee");
        if (employee == null) {
        	if(type!=null && type.equals("ajax"))
        	{
        		errors.add("Your session has timed out. Please Login again. <a href=\"employeeHome.do\">Login</a> ");
        		return loginPageAjax;
        	}else
        	{
        		errors.add("You need to log in! ");
        		return loginPage ;
        	}
        }
        
        //check if customer has actually logged in
        customer = UserSession.getLoggedInCustomer(request);
        if (customer != null) {
            request = UserSession.removeCustomerFromSession(request);
            errors.add("This section is closed for customer");
            return loginPage;
        }
        //check the session

        // check for get or post request
        //if there is no parameter get passed, return to origin page
        
        /* Commented becos of AJAX call which will always include Customer ID.
         * 
        if (customerID == null) {
            try {
                Customer[] customerList;
                customerList = customerDAO.getCustomers();
                request.setAttribute("customerList", customerList);
                messages.add("Select the customer's password you want to reset");
                return originPage;   
            } catch (DAOException e) {
                errors.add("Unable to retrieve customer list");
                errors.add("msg:" + e.getMessage());
                e.printStackTrace();
                return originPage;
            }
        }*/ 
        
        // at this stage, all validation should have been done
        try {
            customer = customerDAO.lookup(Integer.parseInt(customerID));
            
            System.out.println("customer first name is " + customer.getFirstName());

            if (customer == null) {
                messages.add("Please make sure the user that you want to reset is exist");
                errors.add("User could not be found");
                return originPage;
            }else
            	System.out.println("CUstomer found");

            // change the password
            String randomPassword = "randomPassword";
            randomPassword = Randomness.randomPassword();
            customerDAO.setPassword(customer.getUsername(), randomPassword);
            //customer.setPassword(randomPassword);

            /*
            if (!employee.checkPassword(password)) {
                messages.add("Please make sure the password you have entered is correct");
                errors.add("Incorrect password");
                return originPage;
            }
            */
            
            
            // Attach (this copy of) the employee bean to the session
            HttpSession session = request.getSession(true); 
            session.setAttribute("employee", employee);
            
            //set the welcome message
            //messages.add("Hi " + employee.getFirstName() + "!");
            messages.add("Succesfully reset the password of customer <b>" + customer.getFirstName() + " " + customer.getLastName() + " </b>");
            messages.add("<br/>New password has been emailed to <b>" + customer.getEmail() + " </b>");

            // TO-DO 
            Postman.sendResetCustomerPasswordConfirmation(customer, randomPassword);
            
            messages.add("<br/>The new random password is <b>" + randomPassword + " </b>");
            return originPage;

        } catch (Exception e) {
            errors.add("Unable to reset password" + e.getMessage());
            return originPage;
        }

    }
}